AppArmor permissions layout rework

Registered by Jamie Strandboge on 2011-11-16

The file permissions layout table[1] is running out of space and cannot properly support things such as mount rules. While we could hack around this and do remappings, this will require more work to untangle down the road than completing the permissions rework.

http://wiki.apparmor.net/index.php/TechnicalDoc_HFA_permissions#Permission_Layout

Blueprint information

Status:
Complete
Approver:
Jamie Strandboge
Priority:
Essential
Drafter:
John Johansen
Direction:
Approved
Assignee:
John Johansen
Definition:
Approved
Series goal:
Accepted for precise
Implementation:
Implemented
Milestone target:
None
Started by
Jamie Strandboge on 2011-11-16
Completed by
Jamie Strandboge on 2012-03-22

Related branches

Sprints

Whiteboard

Work items:
[jjohansen] extend kernel to use extended permission format (high) (1): DONE
[jjohansen] extend kernel to remap old perms at load to new permission format + regression test it (high) (1): DONE
[jjohansen] extend kernel to load policydb - new permission layout (high) (1): DONE
[jjohansen] fix parse dfa backend to propogate permissions through to compressed DFA generation (high) (4): DONE
[jjohansen] extend parser to generate policydb - new permission layout (high) (2): DONE

(?)

Work Items

Dependency tree

* Blueprints in grey have been implemented.

This blueprint contains Public information 
Everyone can see this information.